WiFi Web Login

Thursday, 20 February 2014

The Google Android development team made a considerable change to the embedded browser component (WebView) which WiFi Web Login uses to record and replay browser actions. As a result of this change they seem to have introduced an bug related to the establishing of secure (ssl) communication. The secure handshake fails, communication fails to start and the embedded browser component displays a "Webpage not available" screen.

We believe that the bug occurs when certain SAN Certificates (certificates using the Subject Alternative Name extension). This error is prevalent on CISCO WiFi Access points (usually self-signed certificates, but not exclusively).

We haven't been able to replicate this in our test environment.
Due to the nature of the issue (embedded in the android OS security layer), there isn't any way to work around it.

We have raised an issue the Google Android development team, and hopefully they can address the problem and provide a fix for future android updates. They may be able to provide a work-around, but I would say that this is highly unlikely again due to nature of the issue.

Samsung have introduced a custom behaviour to their devices running
Android 4.3 and higher. This behaviour is to disconnect from any access point if it
recognises a captive portal (web login). This behaviour is not a standard Android behaviour in any way! Samsung have not included a
setting to disable this bespoke behaviour, and it seriously interferes with WiFi
Web Login's ability to achieve full background login automation. If the device is not connected to the WiFi , then obviously no login can be replayed.
We have discovered a work-around for this problem, and are working on a new release that will contain this work-around. The work-around doesn't fix the browser popup and sign-in notifications, but it should allow the app to replay a login in the background. Please email us a support@syslynx.co.uk if you would like to become a beta-tester and try the work-around now. We are still advising all users to please COMPLAIN DIRECTLY TO SAMSUNG in the hope to speed things up and get them to provide a preference/option to disable the behaviour completely. Please lodge a formal complaint about the behaviour directly to
Samsung with the following links and using the complaint text provided below.

Samsung twitter: @SamsungDevUS

Tweet text:@SamsungDevUS I would like to complain about the bespoke WiFi behaviour on Samsung devices running Android 4.3. see http://wifiweblogin.syslynx.co.uk/2013/12/samsung-43-compatibility.html

I would like to complain about a bespoke WiFi behaviour Samsung have introduced to devices running the Samsung version of Android 4.3 and higher. This behaviour is to disconnect from any WiFi access point if it recognises a captive portal (browser based login form). This behaviour doesn't allow me connect to corporate intranet WiFi access points (where internet access is restricted). This behaviour also completely excludes any possibility of automated captive portal login. Many apps on the play market provide this functionality. For example see https://play.google.com/store/apps/details?id=co.uk.syslynx.wifiwebloginapp . There is no setting or preference to disable this behaviour! This behaviour is not a standard Android behaviour! This behaviour is not present in vanilla Android 4.3 and higher! This behaviour was not present on my device when I purchased it (before the 4.3 update)! Can you please let me know how to disable this behaviour! If this is not possible, please provide a preference to disable this behaviour in future updates!